Ethereum Wallet Inheritance: Using Social Recovery Smart Contracts for Heir Access After Death
Managing cryptocurrency inheritance remains one of the most challenging problems in Web3. Unlike traditional bank accounts with clear legal frameworks, Ethereum wallets lack built-in mechanisms for transferring assets to heirs upon death. This guide explores how social recovery smart contracts solve this problem, enabling secure heir access after the wallet owner’s passing.
The Inheritance Problem in Self-Custody Wallets
Self-custody Ethereum wallets provide users with complete control over their funds through private keys. While this eliminates dependency on centralized institutions, it creates a critical vulnerability: if the owner dies or becomes incapacitated without sharing access credentials, those funds become permanently inaccessible.
Standard wallet solutions offer no native inheritance path. Hardware wallets, MetaMask, and other popular options assume the owner remains alive and capable of signing transactions. Families lose millions in unclaimed crypto each year precisely because no recovery mechanism exists.
Social recovery contracts solve this by implementing a triadic structure: the owner maintains control during their lifetime, designated guardians can trigger recovery after a timelock period, and the contract enforces strict conditions before any transfer occurs.
Architecture of a Social Recovery Inheritance Contract
A basic inheritance contract requires several components:
- Owner management — The original wallet owner retains full control
- Guardian system — Multiple trusted parties who can initiate recovery
- Timelock mechanism — A delay period preventing unauthorized transfers
- Death verification — A mechanism to confirm the owner’s status
- Heir designation — Clear specification of who receives the assets
Here’s a simplified Solidity implementation:
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;
contract SocialRecoveryInheritance {
address public owner;
address[] public guardians;
address public heir;
uint256 public timelockDuration = 30 days;
uint256 public recoveryRequestTime;
bool public isRecovering;
event HeirProposed(address indexed newHeir);
event RecoveryInitiated(address indexed by, uint256 unlockTime);
event RecoveryCancelled();
event OwnershipTransferred(address indexed from, address indexed to);
constructor(address _heir) {
owner = msg.sender;
heir = _heir;
}
modifier onlyOwner() {
require(msg.sender == owner, "Not the owner");
_;
}
function addGuardian(address _guardian) external onlyOwner {
guardians.push(_guardian);
}
function initiateRecovery() external {
require(!isRecovering, "Recovery already in progress");
require(msg.sender == heir || isGuardian(msg.sender), "Not authorized");
isRecovering = true;
recoveryRequestTime = block.timestamp;
emit RecoveryInitiated(msg.sender, block.timestamp + timelockDuration);
}
function completeRecovery() external {
require(isRecovering, "No recovery pending");
require(
block.timestamp >= recoveryRequestTime + timelockDuration,
"Timelock active"
);
emit OwnershipTransferred(owner, heir);
owner = heir;
isRecovering = false;
}
function cancelRecovery() external onlyOwner {
isRecovering = false;
emit RecoveryCancelled();
}
function isGuardian(address _addr) internal view returns (bool) {
for (uint i = 0; i < guardians.length; i++) {
if (guardians[i] == _addr) return true;
}
return false;
}
receive() external payable {}
}
This contract demonstrates the core pattern. The heir cannot access funds immediately—instead, they must initiate recovery and wait through the timelock period. This prevents opportunistic theft if someone obtains the heir’s private key.
Practical Implementation Considerations
Guardian Selection
Choose guardians carefully. Options include:
- Family members — Spouses, adult children, or siblings
- Professional services — Crypto estate attorneys or designated third parties
- Multisig holders — A 2-of-3 setup with trusted parties
- DAO governance — For more sophisticated arrangements
Avoid selecting a single point of failure. Multiple guardians provide redundancy and reduce collusion risk.
Death Verification Mechanisms
Determining when an owner has died presents challenges. Several approaches exist:
Oracle-based verification: Integrate with death notification services like Chainlink oracles that query obituaries, death certificates, or legal documentation.
Multisig guardians: Require multiple independent guardians to confirm death before initiating recovery.
Legal notification: Establish that guardians must receive formal death certificate documentation before triggering the process.
Activity-based triggers: Implement inactivity periods—for example, if the owner doesn’t interact with the contract for 12 months, heirs can initiate recovery. This approach is simpler but less secure.
Integration with Existing Wallets
Rather than replacing MetaMask or hardware wallets entirely, wrap your existing wallet in the inheritance contract. This maintains your current security setup while adding inheritance capabilities.
// Wrap existing wallet for inheritance support
contract WalletWrapper {
IWallet public wrappedWallet;
SocialRecoveryInheritance public inheritanceContract;
constructor(address _wallet, address _heir) {
wrappedWallet = IWallet(_wallet);
inheritanceContract = new SocialRecoveryInheritance(_heir);
}
// Forward calls to wrapped wallet
fallback() external payable {
// Maintain original wallet functionality
}
}
Gas Considerations
Inheritance contracts hold ETH and ERC-20 tokens. Ensure the contract maintains sufficient gas reserves for:
- Guardian additions
- Recovery initiation
- Final transfer execution
Consider funding the contract with a small ETH buffer or implementing a gas fee subsidy mechanism.
Advanced Patterns
Split Inheritance
Divide assets among multiple heirs with different timelocks:
struct HeirConfig {
address heir;
uint256 share;
uint256 timelock;
}
HeirConfig[] public heirs;
mapping(address => uint256) public pendingRecovery;
This allows leaving smaller amounts to casual heirs while requiring longer timelocks for larger inheritances—reducing risk if a smaller heir’s key is compromised.
Conditional Transfers
Add smart contract conditions:
- Age-based release — Heirs under 18 receive funds through a trustee
- Education milestones — Funds unlock upon graduation or certification
- Charitable remainder — Portion goes to charity if heirs predecease the original owner
Integration with Legal Frameworks
Some projects combine smart contracts with traditional legal documents. The contract references a hash of the legal will, creating a verifiable link between onchain and offchain inheritance plans.
Security Trade-offs
Social recovery inheritance involves inherent compromises:
Timelock security: Longer timelocks protect against false recovery claims but delay legitimate heir access during an actual death. A 30-90 day window balances these concerns.
Guardian trust: Guardians become high-value targets for social engineering. Use threshold signatures requiring multiple guardians to agree before recovery proceeds.
Contract risk: Smart contracts can contain bugs. Use audited implementations, consider upgradeable proxies, and maintain insurance coverage for large estates.
Key management: Heirs must secure their own keys. Provide guidance on hardware wallets and secure storage.
Current Tools and Services
Several projects implement these patterns:
- Argent — Mobile wallet with built-in social recovery
- Gnosis Safe — Multi-sig with inheritance plugins
- Coinbase Wallet — Recovery phrase sharing features
- Argentina — Dedicated crypto estate planning
For developers, open-source implementations like inheritance-contracts on GitHub provide audited starting points for custom deployments.
Related Articles
- Cryptocurrency Wallet Recovery Planning For Heirs How To Pas
- Hardware Wallet Inheritance Instructions How To Write Clear
- Hinge Connected Friends Feature Privacy Risk
- How to set up encrypted emergency access your family can
- How To Set Up Encrypted Usb Drive With Recovery Instructions
Built by theluckystrike — More at zovo.one